JP.2003-31 8958.A, [CLAIMS] 1 /2 ^ 

* NOTICES * 

JPO and NCI PI are not responsible for any 
damages caused by the use of this translation. 

"IThis document has been translated by computer. So the translation may not reflect the original 
precisely. 

2.**** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 



CLAIMS 



[Claim(s)] 

[Claim 1] At least one set of the wireless server connected to the network, and the base transceiver 
station which communicates by wireless to the mobile radio machine which is connected to said 
wireless server and connected to a terminal, The mobile management server which manages the 
security information which shows whether the communication link with the communication device of a 
communication link place connected to said network about said mobile radio machine is permitted. 
Said security information is acquired from said mobile management server which said mobile radio 
machine makes a home. It is under own jurisdiction. And for said mobile radio machine, two or more 
networks which have the information management server which transmits said security information *o 
the wireless server of the migration place which is outside a home network are the information 
management servers in the radio communications system connected to global network. Receive the 
security information transmitted to the wireless server of said migration place from the mobile 
management server of a home, and a storage means to memorize said security information is 
memorized for said storage means. When said mobile radio machine moves into the communications 
area of a wireless server to the wireless server of the others under said information management 
server jurisdiction further of said migration place The information management server which reads the 
security information memorized by said storage means, and is characterized by having an information 
management means to transmit the read security information to the wireless server of the point 
which moved to said pan according to the demand from the wireless server of the point which moved 
to said pan. 

[Claim 2] Said information management means is an information management server according to 
claim 1 characterized by transmitting said security information after said mobile radio machine moves 
into the communications area of the wireless server besides jurisdiction of the mobile management 
server of said home and authentication processing of said mobile radio machine is completed between 
the wireless server besides jurisdiction of the mobile management server of this home, and said home 
mobile management server. 

[Claim 3] At least one set of the wireless server connected to the network, and the base transceiver 
station which communicates by wireless to the mobile radio machine which is connected to said 
wireless server and connected to a terminal. The mobile management server which manages the 
security information which shows whether the communication link with the communication device of a 
communication link place connected to said network about said mobile radio machine is permitted. 
Said security information is acquired from said mobile management server which said mobile radio 
machine makes a home. It is under own jurisdiction and two or more networks which have the 
information management server which transmits said security information to the wireless server of 
the migration place which is outside a home network are the correspondence procedures in the radio 
communications system connected to global network for said mobile radio machine. The security 
information transmitted to the wireless server of said migration place is received and memorized from 
the mobile management server of a home. When said mobile radio machine moves into the 
communications area of a wireless server to the wireless server of the others under said information 
management server jurisdiction further of said migration place The correspondence procedure 
characterized by transmitting the security information which read and read said memorized security 
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information to the wireless server of the point which moved to said pan according to the demand 
from the wireless server of the point which moved to said pan. 

.[Claim 4] At least one set of the wireless server connected to the network, and the base transceiver 
station which communicates by wireless to the mobile radio machine which is connected to said 
wireless server and connected to a terminal. The mobile management server which manages the 
security information which shows whether the communication link with the communication device of a 
communication link place connected to said network about said mobile radio machine is permitted, 
Said security information is acquired from said mobile management server which said mobile radio 
machine makes a home. It is under own jurisdiction. And for said mobile radio machine, it sets to the 
information management server in the radio communications system by which two or more networks 
which have the information management server which transmits said security information to the 
wireless server of the migration place which is outside a home network are connected to global 
network. The step which receives the security information which is the communications program used 
and is transmitted to the wireless server of said migration place from the mobile management server 
of a home, When said mobile radio machine moves into the communications area of a wireless server 
to the wireless server of the others under said information management server jurisdiction further of 
said migration place The communications program for reading the memorized security information and 
making a computer perform the step which transmits the read security information to the wireless 
server of the point which moved to said pan according to the demand from the wireless server of the 
point which moved to said pan. 

{Claim 5] At least one set of the wireless server connected to the network, and the base transceiver 
station which communicates by wireless to the mobile radio machine which is connected to said 
wireless server and connected to a terminal, The mobile management server which manages the 
security information which shows whether the communication link with the communication device of a 
communication link place connected to said network about said mobile radio machine is permitted. 
Said security information is acquired from said mobile management server which said mobile radio 
machine makes a home. It is under own jurisdiction. To and said mobile radio machine Two or more 
networks which have the information management server which transmits said -security information to 
the wireless server of the migration place which is outside a home network if it takes the 
communications program used for the information management server in the radio communications 
system connected to global network The step which receives the security information which is the 
recorded record medium in which computer reading is possible, and is transmitted to the wireless 
server of said migration place from the mobile management server of a home, When said mobile radio 
machine moves into the communications area of a wireless server to the wireless server of the 
others under said information management server jurisdiction further of said migration place The 
record medium which read the memorized security information and recorded the communications 
program for making a computer perform the step which transmits the read security information to the 
wireless server of the point which moved to said pan according to the demand from the wireless 
server of the point which moved to said pan. 
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DETAILED DESCRIPTION 



{Detailed Description of the Invention] 

{0001] ... 
[Field of the Invention] This invention relates to the information management server which can 

reduce network traffic. 

[Description of the Prior Art] Conventionally, the communication system with which a terminal and 
other communication devices communicate is known, connecting a terminal to a network and moving 
by wireless In this communication system, when a terminal connects with a different server 
(following, "FA") from a home server (following, "HA"), a terminal receives the router advertisement 
which FA has transmitted by the multicast. Thereby, a terminal grasps that it is not in the 
communications area of HA. and transmits a registration demand to FA. In response. FA performs 
authentication processing between HA. If this authentication processing is completed, a tunnel will be 
formed between FA and HA and authentication processing of a terminal will be performed. Thus, a 
terminal can communicate outside the communications area of HA. 

[ProNem(s) to be Solved by the Invention] However, in the conventional technique mentioned above, 
if it is going to secure the security on the same communication link as HA in FA. whenever a terminal 
moves, it is necessary to transmit the security information which is the information about security to 
FA from HA. Therefore, whenever the terminal moved, when security information was transmitted, 
there was a trouble that the traffic on a network will increase. Moreover, after authentication became 
HA course and all communication links had the trouble that modification of security level could not be 
performed for every network. 

[0004] It is in offering the information management server which the purpose can make reduce the 
traffic concerning a network by having made this invention in view of such a situation, and can 
perform modification of security level for every network. 
[0005] 

[Means for Solving the Problem] At least one set of the wireless server by which this invention was 
connected to the network in order to solve the technical problem mentioned above The base 
transceiver station which communicates by wireless to the mobile radio machine which is connected 
to said wireless server and connected to a terminal. The mobile management server which manages 
the security information which shows whether the communication link with the communication device 
of a communication link place connected to said network about said mobile radio machine is 
permitted. Said security information is acquired from said mobile management server which said 
mobile radio machine makes a home. It is under own jurisdiction. And for said mobile radio machine, 
two or more networks which have the information management server which transmits said security 
information to the wireless server of the migration place which is outside a home network are the 
information management servers in the radio communications system connected to global network. 
Receive the security information transmitted to the wireless server of said migration place from the 
mobile management server of a home, and a storage means to memorize said security information is 
memorized for said storage means. When said mobile radio machine moves into the communications 
area of a wireless server to the wireless server of the others under said information management 
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server jurisdiction further of said migration place According to the demand from the w.reless server 
of the point which moved to said pan, the security information memorized by sa.d storage means is 
read and it is characterized by having an information management means to transmit the read 
security information to the wireless server of the point which moved to sa.d pan. 
[0006] Moreover, in the information management server which mentioned th.s .nvent.on above, sa.d 
information management means is characterized by transmitting said security information, after sa.d 
mobile radio machine moves into the communications area of the wireless server besides jurisdiction 
of the mobile management server of said home and authentication processing of sa.d mobile radio 
machine is completed between the wireless server besides jurisdiction of the mobile management 
server of this home, and said home mobile management server. 

[0007] At least one set of moreover, the wireless server by which this invention was connected to 
the network The base transceiver station which communicates by wireless to the mobile radio 
machine which is connected to said wireless server and connected to a terminal. The mobile 
management server which manages the security information which shows whether the communication 
link with the communication device of a communication link place connected to sa.d network about 
said mobile radio machine is permitted, Said security information is acquired from sa.d mobile 
management server which said mobile radio machine makes a home. It is under own jurisdiction and 
two or more networks which have the information management server which transmits sa.d secunty 
information to the wireless server of the migration place which is outside a home network are the 
correspondence procedures in the radio communications system connected to global network for sa.d 
mobile radio machine. The security information transmitted to the wireless server of sa.d motion 
place is received and memorized from the mobile management server of a home. When sa.d mobile 
radio machine moves into the communications area of a wireless server to the wireless server of the 
others under said information management server jurisdiction further of sa.d rn.grat.on place It .s 
characterized by transmitting the security information which read and read sa.d memorized security 
information to the wireless server of the point which moved to said pan accord.ng to the demand 
from the wireless server of the point which moved to said pan. 

{0008] At least one set of moreover, the wireless server by which this invention was connected to 
the network The base transceiver station which communicates by wireless to the mobile radio 
machine which is connected to said wireless server and connected to a terminal. The mobile 
management server which manages the security information which shows whether the commumca .on 
link with the communication device of a communication link place connected to sa.d network about 
said mobile radio machine is permitted. Said security information is acqu.red from sa.d mobile 
management server which said mobile radio machine makes a home. It is under own jurisdiction. And 
for said mobile radio machine, it sets to the information management server in the radio 
communications system by which two or more networks which have the information management 
server which transmits said security information to the wireless server of the migration place wh.ch .s 
outside a home network are connected to global network. The step which receives the security 
information which is the communications program used and is transmitted to the w.reless server of 
said migration place from the mobile management server of a home. When said mob.le radio machine 
moves into the communications area of a wireless server to the wireless server of the others under 
said information management server jurisdiction further of said migration place Accord.ng to the 
demand from the wireless server of the point which moved to said pan. the memorized security 
information is read and it is characterized by making a computer perform the step which transmits 
the read security information to the wireless server of the point wh.ch moved to sa.d pan. 
[0009] At least one set of moreover, the wireless server by which this invention was connected to 
the network The base transceiver station which communicates by wireless to the mobile radio 
machine which is connected to said wireless server and connected to a terminal. The mob.le 
management server which manages the security information which shows whether the communication 
link with the communication device of a communication link place connected to sa.d network about 
said mobile radio machine is permitted. Said security information is acqu.red from sa.d mob.le 
management server which said mobile radio machine makes a home. It is under own jurisdiction. To 
and said mobile radio machine Two or more networks which have the information management server 
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which transmits said security information to the wireless server of the migration place which is 
outside a home network if it takes the communications program used for the information management 
server in the radio communications system connected to global network The step which receives the 
security information which is the recorded record medium in which computer reading is possible, and 
is transmitted to the wireless server of said migration place from the mobile management server of a 
home When said mobile radio machine moves into the communications area of a wireless server to 
the wireless server of the others under said information management server jurisdiction further of 
said migration place The memorized security information is read according to the demand from the 
wireless server of the point which moved to said pan. It is characterized by recording the 
communications program for making a computer perform the step which transmits the read security 
information to the wireless server of the point which moved to said pan. 

[0010] u . . 

[Embodiment of the Invention] Hereafter, the information management server by 1 operation gestalt 
of this invention is explained with reference to a drawing. Drawing 1 is the outline block diagram 
showing the radio structure of a system which applied the information management server by 1 
operation gestalt of this invention. In this drawing, a network A1 and a network A2 are connected to 
global network 500. 

[0011] The mobile management server MDBSA1 performs the wireless -servers RSA1-RSA2 and base 
transceiver station (not shown) which serve as an own subordinate, the mobile radio machine ML 001. 
the identifier (ID) of a terminal, and management of an IP address. The mobile management server 
MDBSA3 performs the wireless server RSA 4, the wireless server RSA 1 1 and base transceiver 
station which serve as an own subordinate, a mobile radio machine, ID of a terminal, and management 
of an IP address. 

[0012] RSA1, RSA2. RSA4, and RSA11 are wireless servers which it is alike, respectively, and at least 
one set of a base transceiver station is connected, and perform routing of an IP packet. Here, the 
wireless server RSA 1 and the wireless server RSA 2 are under management of the mobile 
management server MDBSA1, and the wireless server RSA 4 and the wireless server RSA 11 are 
under management of the mobile management server MDBSA3. Domain name server 11 A performs 
conversion of a domain name and an IP address. 

[0013] It connects with the terminals HostX, such as a computer and PDA -(Personal Digital 
Assistant) and the mobile radio machine ML 001 is connected to the wireless server RSA 1 through a 
base transceiver station. Moreover, the identifier (ID) is beforehand set to this mobile radio machine 
ML 001. Here, the home mobile management server of the mobile radio machine ML 001 shall be the 
mobile management server MDBSA1. 

[0014] The information management server AMA 1 is connected between the mobile management 
server MDBSA1, and the wireless server RSA 1 and the wireless server RSA 2. The information 
management server AMA 3 is connected between the mobile management server MDBSA3, and the 
wireless server RSA 4 and the wireless server RSA 11. 

[0015] The communication system management server 200 which manages the migration place of a 
network A1 and the mobile radio machine ML 001 which moves between A2 is formed in Network B. 
This communication system management server 200 memorizes new mobile FQDN (Fully Qualified 
Domain Name) and a new IP address including the information which shows the current affiliation set 
as the mobile radio machine, when a mobile radio machine moves the wireless server which the 
subordinate of a home mobile management server has into the communications area of a different 

wireless server. . • « 

[0016] Next, the configuration of the wireless server RSA 1 of drawing 1 is explained using drawing 2 . 
Drawing 2 is the outline block diagram showing the configuration of the wireless server RSA 1. In this 
drawing, the security information storage section 13 memorizes the security information which shows 
whether the communication link with the communication device of the communication link place 
connected to a network A1 or global network 500 and the pocket communication device (for example, 
mobile radio machine ML 001) under own management is permitted. The communication device of a 
communication link place here is equipment of the communication link place which can perform 
transmission or reception of a mobile radio machine and data through a wireless server, for example, 
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are a server and a portable terminal. 

[001 7] An example of the security information memorized by this security information storage section 
13 is shown in drawing 3 . ID and a host name for security information to identify a mobile radio 
machine, as shown in this drawing, The present affiliation network of the mobile radio machine in 
which the network name in which the host name and mobile radio machine for identifying the 
communication device of a communication link place are making current connection is shown. The 
access control information which is the information which sets up whether connection between the 
access classification which is the information which specifies classification, such as a protocol used 
as the object linked to the communication device of a communication link place, and communication 
service, communication facility, and a mobile radio machine and the communication device of a 
communication link place is permitted is matched and memorized. 

[0018] "http" which specifies the communication link for which access classification uses http as an 
example here "telnet" which specifies the communication link using telnet "ftp" which specifies the 
communication link using FTP, "ALL" which specifies all access classification. "PUSH" which 
specifies the data transmission by PUSH. etc. are set up. As access control information. O.K. which 
permits connection between a mobile radio machine and a communication device, and NO which 
does not permit connection between a mobile radio machine and a communication device are set up. 
In addition, in drawing 3 , although only the security information of the mobile radio machine which is 
a host name "ML001" is shown, the security information of each mobile radio machine under own 
management is memorized. 

[0019] The communications control section 12 controls whether the communication link with a mobile 
radio machine and a communication device is established based on the security information 
memorized by the security information storage section 13. when the communication link with a mobile 
radio machine and a communication device needs to be established. A receive section 1 1 receives 
the various data transmitted from external equipment. The transmitting section 14 transmits various 
data to external equipment. In addition, it has the same configuration as the wireless server RSA 1 
also about the other wireless servers RSA2, RSA4. and RSA1 1 . 

[0020] Next, the mobile management server MDBSA1 in drawing 1 is explained using a drawing. 
Drawing 4 is an outline block diagram for explaining the configuration of the mobile management 
server MDBSA1. In this drawing the security information transmission-control section 22 When the 
mobile radio machine ML 001 is connected to the wireless server which mobile management server 
MDBSA1 self does not make a subordinate The Request to Send of the security information from the 
wireless server of the connection place of the mobile radio machine ML 001 is accepted. The security 
information of the mobile radio machine ML 001 memorized by the security information storage 
section 23 is read, and control which transmits the read security information to the wireless server of 
the connection place of a mobile radio machine is performed. Moreover, the security information 
transmission-control section 22 detects whether it is the mobile radio machine with which self has 
managed the mobile radio machine ML 001, when the mobile management server MDBSA1 receives 
the authentication demand of the mobile radio machine ML 001 from the communication system 
management server 200 mentioned later. In a detection result, when it is the mobile radio machine 
which self manages, by connecting FQDN of the wireless server in which FQDN of the mobile radio 
machine ML 001 and this received mobile radio machine ML 001 are carrying out current affiliation, 
mobile FQDN which shows current affiliation is compounded and it memorizes in predetermined 
memory And it is answered to the communication system management server 200 that ID is the 
authentication information which shows that it is the mobile radio machine with which self manages 
the mobile radio machine ML 001, and mobile FQDN of the mobile radio machine ML 001. Moreover, 
detection of that it is not the mobile radio machine which self manages as a result of a check 
answers the authentication information which shows that it is not the mobile radio machine which self 
manages and ID of the mobile radio machine ML 001. It is possible to communicate with the host 
connected to global network 500 by this mobile FQDN when it connected with wireless servers other 
than the wireless server by which the mobile radio machine was connected to the home mobile 
management server. 

[0021] The security information storage section 23 memorizes the security information which shows 
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whether the communication link with the communication device of a communication link place and a 
mobile radio machine is permitted about every mobile radio machine which makes the mobile 
management server MDBSA1 the mobile management server of a home. 

{0022] An example of the security information memorized by this security information storage section 
23 is shown in drawing 5 . As shown in this drawing, about every mobile radio machine which makes 
the mobile management server MDBSA1 the mobile management server of a home, security 
information matches the present affiliation network, access classification, and access control 
information on the mobile radio machine in which ID for identifying a mobile radio machine and a host 
name, the host name for identifying a communication device, and the network name that the mobile 
radio machine has connected now are shown, and is memorized. Here, according to the present 
affiliation network of a mobile radio machine, access restriction is changeable by setting up access 
restriction for every present affiliation network of a mobile radio machine. When the manager of this 
mobile radio machine is performed at the time of initial registration of this mobile radio machine and 
modification produces a setup of the present affiliation network name of this mobile radio machine in 
security information, the contents of a setting of the home mobile management server of this mobile 
radio machine are changed, thus, the thing for which access restriction is set up for every present 
affiliation network of a mobile radio machine — the production of intranet — extranet can be used as 
mentioned above. For example, on the head office or branch level, to not preparing a limit but being 
able to access various information, from a subsidiary and an associated company, when it is 
connected to an external network that the limit is prepared in access, it can realize in intranet. This 
is the same also about the present affiliation network name of the mobile radio machine memorized 
by the security information storage section 13 mentioned above and the security information storage 
section 33 mentioned later. 

{0023] In addition, in drawing 5 , the security information about the mobile radio machines ML001- 
ML004 which make the mobile management server MDBSA1 the mobile management server of a 
home is shown. A receive section 21 receives the various data transmitted from external equipment. 
The transmitting section 24 transmits various data to external equipment. 

[0024] Next, the information management server AMA 3 in drawing 1 is explained using a drawing. 
Drawing 6 is an outline block diagram for explaining the configuration of the information management 
server AM A 3. In this drawing, a receive section 31 receives the security information transmitted to a 
wireless server from a mobile management server. The security information Management Department 
32 receives the security information transmitted to the wireless server of the migration place of a 
terminal from the mobile management server of a home by the receive section 31. The received 
security information is memorized in the security information storage section 33. When a terminal 
moves further from the wireless server of a migration place into the communications area of wireless 
servers other than the mobile management server of a home According to the demand from the 
wireless server of the point which furthermore moved, the security information memorized by the 
security information storage section 33 is read, and the read security information is transmitted to 
the wireless server of the point which moved further by the transmitting section 34. The transmitting 
section 34 transmits security information to addressing to a wireless server for transmission based 
on the directions from the security information Management Department 32. 

[0025] The security information storage section 33 memorizes security information based on the 
directions from the security information Management Department 32. An example of the security 
information memorized by this security information storage section 33 is shown in drawing 7 . The 
mobile radio machine ID, a mobile radio machine host name, a communication device host name, the 
present affiliation network name of the mobile radio machine in which the network name which the 
mobile radio machine has connected now is shown, access classification, and access control 
information as well as the security information memorized by the mobile management server shown in 
drawing 5 are matched, and the security information memorized by this security information storage 
section 33 is memorized. 

{0026] In addition, since the configuration of the information management server AMA 1 in drawingj. 

is the same as that of the information management server AMA 3. explanation is omitted. 

{0027] Next, actuation of the information management server AMA 3 in the configuration of drawingj. 
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is explained using a drawing. Here, after the mobile radio machine ML 001 is communicating in the 
subordinate of the wireless server RSA 1 of a network A1. it moves to the subordinate of the 
wireless server RSA 4 of a network A2, and actuation of the information management server AMA 3 
at the time of moving to the subordinate of the wireless server RSA 1 1 is explained further. 
Moreover, the case where an IP address is a global IP address is explained here. 

[0028] Drawing 8 is a sequence diagram for explaining actuation of the radio communications system 
in this operation gestalt. First, a registration demand is performed, while the mobile radio machine ML 
001 notifies ID of the mobile radio machine ML 001 to the wireless server RSA 4 in the field which 
can be communicated after the mobile radio machine ML 001 is communicating in the subordinate of 
the wireless server RSA 1 of a network A1. and moving to the subordinate of the wireless server RSA 
4 of a network A2 (step S1). A random value will be generated and the wireless server RSA 4 will 
transmit the random value, ID of the mobile radio machine ML 001. and the authentication demand 
which generated to the information management server AMA 3. if the registration demand from the 
mobile radio machine ML 001 and ID of the mobile radio machine ML 001 are received <step S2). The 
information management server AMA 3 transmits the random value, ID of the mobile radio machine 
ML 001 , and the authentication demand which received to the mobile management server MDBSA1 
through the communication system management server 200 (step S3). 

[0029] If authentication processing is performed using ID of the mobile radio machine ML 001 which 
received and authentication is completed normally, based on the received random value, the mobile 
management server MDBSA1 will perform a predetermined operation, and will transmit the 
authentication information which shows that this random value result of an operation, ID of the mobile 
radio machine ML 001, and authentication were completed to the information management server 
AMA 3 through the communication system management server 200 (step S4). 

[0030] The information management server AMA 3 transmits the random value result of an operation. 
ID of the mobile radio machine ML 001. and authentication information which were transmitted from 
the mobile management server MDBSA1 to the wireless server RSA 4 <step S5). 
[0031] After the wireless server RSA 4 transmits authentication information etc. to the information 
management server AMA 3 of step S2. it transmits the same random value as step S2 to the mobile 
radio machine ML 001 (step S6). and receives the random value result of an operation which is the 
result of calculating by the same predetermined operation as the mobile management server MDBSA1 
in the mobile radio machine ML 001 (step S7). And the random value result of an operation 
transmitted from the information management server AMA 3 is compared with the random value 
result of an operation transmitted from the mobile radio machine ML 001, when in agreement, 
registration reception of the mobile radio machine ML 001 is performed, and it notifies that 
registration was completed to the mobile radio machine ML 001 (step S8). Thereby, the 
communication link of the mobile radio machine ML 001 is attained in the communications area of the 
wireless server RSA 4. It is memorized by this authentication processing that the mobile radio 
machine ML 001 is under self management, and it is memorized by the mobile management server 
MDBSA1 by it at the wireless server RSA 4 that the mobile radio machine ML 001 is under 
management of the wireless server RSA 4. 

[0032] Furthermore, the wireless server RSA 4 transmits the Request to Send of security information 
to the information management server AMA 3 while transmitting ID of the mobile radio machine ML 
001 which registration completed (step S9). The information management server AMA 3 transmits ID 
and the security information Request to Send of the mobile radio machine ML 001 which were 
transmitted from the wireless server RSA 4 to the mobile management server MDBSA1 through the 
communication system management server 200 (step S10). 

[0033] If ID and the security information Request to Send of the mobile radio machine ML 001 are 
transmitted from the information management server AMA 3. the mobile management server MDBSA1 
will read the security information corresponding to ID of the mobile radio machine ML 001 from the 
security information storage section 23. and will transmit to the information management server AMA 
3 through the communication system management server 200 with ID of the mobile radio machine ML 
001 (step S11). 

[0034] The information management server AMA 3 memorizes ID and security information of the 
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mobile radio machine ML 001 which are transmitted by the security information Management 
Department 32 from the mobile management server MDBSA1 in the security information storage 
section 33 (step S12), and transmits to wireless Sabah RSA 4 (step S13). _ 
{0035] The wireless server RSA 4 memorizes ID and security information of the mob.le radio mach.ne 
ML 001 which were transmitted from the information management server AMA 3 in the security 
information storage section 13. Thus, the wireless server RSA 4 sets up security information of the 
mobile radio machine ML 001 by receiving and memorizing security information from the mob.le 
management server MDBSA1 used as the mobile wireless server of the home of the mob.le radio 
machine ML 001 which serves as a subordinate. And the wireless server RSA 4 controls whether a 
communication link is established based on this security information, when the mob.le radio mach.ne 
ML 001 and other terminals communicate. By this, when access control information is O.K. . a 
communication link is established, and a communication link is not established when it is NG. 
£0036] Next if the mobile radio machine ML 001 moves into the communications area of the wireless 
server RSA'l1 from the inside of the communications area of the wireless server RSA 4, the mobile 
radio machine ML 001 will transmit ID of the mobile radio machine ML 001. and a registration demand 
to the wireless server RSA 1 1 (step S14). Henceforth, authentication processing is similarly 
performed with the above-mentioned step S2 to the step S8 between the mobile management server 
MDBSA1 and the wireless server RSA 1 1 and between the wireless server RSA 1 1 and the mob.le 
radio machine ML 001 (steps S15.S16.S17.S18. S19.S20. and S21). 

[0037] If authentication processing is completed, the wireless server RSA 1 1 w.ll transmit ID and the 
security information Request to Send of the mobile radio machine ML 001 to the information 
management server AMA 3 (step S22). The security information Management Department 32 of the 
information management server AMA 3 will transmit the security information which read the secunty 
information of the mobile radio machine ML 001 from the security information storage section 33 
(step S23) and read it to the wireless server RSA 11 based on ID of the mob.le rad.o mach.ne ML 
001 which received, if ID and the security information Request to Send of the mob.le radio mach.ne 
ML 001 are received from the wireless server RSA 11 (step S24). 

[0038] Thus, security information can be transmitted to the wireless server of a rn.grat.or. place, 
without having security information transmitted from the mobile management server MDBSA1 . 
whenever the mobile radio machine ML 001 moves by memorizing security information to the 
information management server AMA 3. Thereby, since transmission of security information can be 
completed in a network A2. the load of the communication link concerning global network 500 and a 
network A1 can be reduced. Moreover, it can reduce that security information is emitted on global 
network 500. informational exsorption can be suppressed, and the time amount concerning 
transmission and reception of data can be shortened further. 

[0039] Next based on security information, processing of whether a communication link is established 
is explained using drawin g 9 . For example, when "ML001" is set up as "HostA' and transmitting 
origin as a transmission place, access classification "http" is specified and transmit data is 
transmitted to communication device HostA from the mobile radio machine ML 001. the 
communications control section 12 of the wireless server RSA 11 detects whether transmit data is 
ready-for-sending ability. That is. the communications control section 1 2 detects whether the 
communication link by access classification "http" is possible at a transmission place HostA from 
"ML001" a transmitting agency based on the security information memorized by the security 
information storage section 13. In this case, it is access control information O.K. . and since the 
communication link is permitted, transmit data is transmitted to a communication device HostA from 
the mobile radio machine ML 001 (sign (1)). 

[0040] On the other hand, "ML001" is set up as "HostA" and transmitting origin as a transmission 
place When access classification "telnet" is specified and transmit data is transmitted to 
communication device HostA from the mobile radio machine ML 001. the communications control 
section 12 of the wireless server RSA 1 1 Based on the security information memorized by the 
security information storage section 13. it detects whether the communication link by access 
classification "telnet" is possible at a transmission place HostA from ML001 a transm.tt.ng 
agency In this case it is access control information "NG". and since the communication link is not 
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permitted, transmit data is canceled, without being transmitted to a communication device HostA 
from the mobile radio machine ML 001 <sign (2)). Moreover, the notice which shows that the 
communication link is not permitted to the mobile radio machine ML 001 from the wireless server 
RSA 3 is made. On the other hand, "ML001" is set up as "HostA" and transmitting origin as a 
transmission place. When access classification "ftp" is specified and transmit data is transmitted to 
communication device HostA from the mobile radio machine ML 001, the communications control 
section 1 2 Based on the security information memorized by the security information storage section 
13, it detects whether the communication link by access classification "ftp" is possible at a 
transmission place "HostA" from "ML001" a transmitting agency. In this case, it is access control 
information "O.K.", and since the communication link is permitted, transmit data is transmitted to a 
communication device HostA from the mobile radio machine ML 001 (sign (3)). 
[0041] Next, the case where data are transmitted to the mobile radio machine ML 001 which the 
subordinate of the wireless server RSA 11 has is explained using drawing 10 from a communication 
device HostY. Drawing 10 is a flow chart for explaining the case where data are transmitted to the 
mobile radio machine ML 001 which the subordinate of the wireless server RSA 1 1 has from a 
communication device HostY. Here, it shall be, after the mobile radio machines ML s 001 moving into 
the communications area of the wireless server RSA 1 1 , and authentication processing shall be 
completed to the wireless server RSA 1 1 . 

[0042] First, a communication device HostY transmits FQDN (for example, 

"ml001.mdbsa1.providera1") of the mobile radio machine ML 001, the destination solution demand, 
and the IP address of a communication device HostY used as the object which solves the destination 
to domain name server 11A (step S31). 

[0043] If FQDN of the communication device HostY mobile radio machine ML 001, a destination 
solution demand, and the IP address of a communication device HostY are received, domain name 
server 1 1A will hold the IP address of FQDN of the mobile radio machine ML 001 and the destination 
solution demand which received, and a communication device HostY temporarily, and will detect 
whether self has managed the mobile radio machine ML 001 based on FQDN of the mobile radio 
machine ML 001 which received. In this case, since self has not managed the mobile radio machine 
ML 001, domain name server 1 1A11A transmits the IP address of FQDN of the mobile radio machine 
ML 001 and the destination solution demand which were held temporarily, and a communication 
device HostY to the mobile management server MDBSA1 (step S32). 

[0044] If FQDN of the mobile radio machine ML 001, a destination solution demand, and the IP 
address of a communication device HostY are received from domain name server 11 A, the mobile 
management server MDBSA1 will hold the IP address of FQDN of the mobile radio machine ML 001 
and the destination solution demand which received, and a communication device HostY temporarily, 
and will detect whether self has managed the mobile radio machine ML 001 based on FQDN of the 
mobile radio machine ML 001 which received. In this case, since self has not managed the mobile 
radio machine ML 001, the mobile management server MDBSA1 transmits the IP address of FQDN of 
the mobile radio machine ML 001 and the destination solution demand which were held temporarily, 
and the mobile radio machine ML 001 to the communication system management server 200 (step 
S33). 

[0045] After the communication system management server 200 holds FQDN of the mobile radio 
machine ML 001 and the destination solution demand which received from the mobile management 
server MDBSA1, and the IP address of a communication device HostY temporarily, Based on FQDN 
of the mobile radio machine ML 001, it detects that the wireless server which manages the mobile 
radio machine ML 001 after migration is the wireless server RSA 11. The information management 
server connected to this wireless server RSA 11 is the information management server AMA 3, 
Mobile FQDN (for example, "ml001.mdbsa1.providera1.rsa1 1.providera2") which shows current 
affiliation of the mobile radio machine ML 001 is detected. 

{0046] And the communication system management server 200 transmits mobile FQDN of the mobile 
radio machine ML 001 and the destination solution demand which were detected by the information 
management server AMA 3 connected to the wireless server RSA 1 1 (step S34). 
[0047] Since the mobile radio machine ML 001 is under management of the wireless server RSA 1 1 
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when the information management server AMA 3 receives mobile FQDN of the mobile radio machine 
ML 001, and a destination solution demand from the communication system management server 200, 
it transmits to the wireless server RSA 11 with mobile FQDN of the mobile radio machine ML 001 by 
making a destination solution demand into migration node information requirements {step S35). 
{0048] Since the wireless server RSA 1 1 has the mobile radio machine ML 001 under own 
management when mobile FQDN and migration node information requirements of the mobile radio 
machine ML 001 are received from the information management server AMA 3, an address 
registration demand, and mobile FQDN of the mobile radio machine ML 001 and an IP address are 
transmitted to the communication system management server 200. The communication system 
management server 200 matches and holds mobile FQDN and the IP address of the mobile radio 
machine ML 001 (step S36). 

[0049] On the other hand, the migration node information response which shows that the wireless 
server RSA 1 1 transmitted having received migration node information requirements and an address 
registration demand to the communication system management server 200 further, and mobile FQDN 
of the mobile radio machine ML 001 are transmitted to the information management server AMA 3 
(step S37). The information management server AMA 3 will notify mobile FQDN of a destination 
solution response and the mobile radio machine ML 001 to the communication system management 
server 200, if a migration node information response and mobile FQDN of the mobile radio machine 
ML 001 are received from the wireless server RSA 1 1 (step S38). 

£0050] The communication system management server 200 will detect whether the IP address 
registered to mobile FQDN of this mobile radio machine ML 001 occurs, if a destination solution 
response and mobile FQDN of the mobile radio machine ML 001 are received from the information 
management server AMA 3. Here, the IP address of the mobile radio machine ML 001 is detected. 
And the communication system management server 200 transmits the IP address of the mobile radio 
machine ML 001 to the mobile management server MDBSA1 as a destination solution response (step 
S39). 

[0051] The mobile management server MDBSA1 transmits to domain name server 11A by considering 
the IP address of the mobile radio machine ML 001 received from the communication system 
management server 200 as a destination solution response (step S40). 

[0052] Domain name server 1 1 A will transmit to a communication device HostY by considering the IP 
address of the received mobile radio machine ML 001 as a destination solution response, if the IP 
address of the mobile radio machine ML 001 is received as a destination solution response from the 
mobile management server MDBSA1 (step S41). 

[0053] The IP address of the migration place of the mobile radio machine ML 001 is notified to a 
communication device HostY as mentioned above. Thereby, a communication device HostY can 
transmit transmit data etc. to the mobile radio machine ML 001 if needed {step S 42 43). 
[0054] As other operation gestalten of the operation gestalt explained above, even if it is the case 
where the radio communications system with same network A1 and network A2 in drawing 1 is used, 
when being used by different company and the mobile radio machine ML 001 moves into a network 
A2, the problem of security occurs between the mobile radio machines ML 001 which are the 
company of a network 700, and other companies. However, it becomes possible by applying an above- 
mentioned radio communications system to communicate by securing security between the networks 
of a different company. In this case, you may make it set up security information which restricts 
access beforehand to the mobile radio machine ML 001 which has moved. It is able to move to the 
communications area which cannot be covered at its company, and for a certain company to perform 
a limit of reservation, i.e., access, and to communicate security by this, using the network of the 
other company, when roaming is required. Thereby, reduction of cost when two or more companies 
build a network, and the complicatedness of management can be reduced. 

[0055] In addition, although the case where an IP address was a global IP address was explained, you 
may make it use a local IP address in a network in the operation gestalt explained above. In this case, 
what is necessary is just to prepare an NAT (Network Address Translation) function in a fire wall or a 
wireless server. 

[0056] Moreover, in the operation gestalt explained above, although the case where the information 
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management server AMA 3 and a mobile management server were prepared according to an individual 
xplained, it may be made to operate an information management server as a mobile management 



was e 
server. 



£0057] Moreover, although the case where the mobile radio machine by which the terminal was 
connected with the communication device connected to global network communicated was explained, 
a mobile radio machine is changed to wireless mobile router 5a which can connect two or more 
terminals, and two or more terminals 51 - 5n of terminals may be made to communicate with the 
communication device by the side of global network in the operation gestalt explained above, as 
shown in drawing 1 1 . In this case, the number of registered terminals which is the number of 
terminals connected to the IP address of the terminal 51 set to wireless mobile router 5a with an own 
subordinate - 5n of terminals, FQDN, an identifier, and self memorizes information required in order 
that a terminal and other communication devices may establish a communication link, and attests 
between a terminal and wireless mobile router 5a. 

[0058] Furthermore, you may make it prepare any one or plurality in the same case in drawing 10 
among 5n of wireless mobile router 5a and a terminal 51 to terminals. Moreover, it may be made to 
communicate by wireless between wireless mobile router 5a and a terminal, and may be made to 
communicate by the cable. 

[0059] Moreover, the program which recorded on the record medium which can computer read the 
program for realizing security information ManagementJDepartment 32 function in drawing 6 , the 
function of the communications control section 1 2 in drawing 2 , and the function of the security 
information transmission-control section 22 in drawing 4 . and was recorded on this record medium 
may be made to read into a computer system, and management of transmission of security 
information and management of a pocket communication device may be performed by performing. In 
addition, hardware, such as OS and a peripheral device, shall be included with a "computer system" 
here. 

[0060] Moreover, if a "computer system" is the case where the WWW system is used, it shall also 
include a homepage offer environment (or display environment). Moreover, "the record medium in 
which computer reading is possible" means storage, such as a hard disk built in portable media, such 
as a flexible disk, a magneto-optic disk, ROM, and CD-ROM, and a computer system. Furthermore, 
the thing holding a fixed time amount program shall also be included [ "whose record medium in which 
computer reading is possible" is ] like the communication wire in the case of transmitting a program 
through communication lines, such as networks, such as the Internet, and the telephone line, between 
short time like the volatile memory inside what holds a program dynamically, and the computer 
system used as the server in that case, or a client. Moreover, the above-mentioned program may be 
for realizing a part of function mentioned above, and may be what can realize the function further 
mentioned above in combination with the program already recorded on the computer system. 
[0061] As mentioned above, although the operation gestalt of this invention has been explained in full 
detail with reference to a drawing, a concrete configuration is not restricted to this operation gestalt, 
and the design of the range which does not deviate from the summary of this invention etc. is 
included. 
[0062] 

[Effect of the Invention] As explained above, according to this invention, receive the security 
information transmitted to the wireless server of a migration place from the mobile management 
server of a home, and it memorizes for a storage means. When a mobile radio machine moves into the 
communications area of a wireless server to the wireless server of the others under information 
management server jurisdiction further of a migration place Read the security information memorized 
by the storage means according to the demand from the wireless server of the point which 
furthermore moved, and since the read security information was transmitted to the wireless server of 
the point which moved further The count which transmits security information from the mobile 
management server of a home when a terminal moves from the wireless server under information 
management server jurisdiction out of a home network at other wireless servers under information 
management server jurisdiction is reducible. By this The effectiveness which can be made to reduce 
the load of the communication link concerning a network, and can perform modification of security 
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level for every network is acquired. 
[Translation done.] 
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?n^A£E«LfcCi*tt«±-*-4o 40 
[0 0 10] 

[*WO>Stl6a>fl2©] BIT* **W0)-*lfi^I8l-J:4 

tDElCjfcl^T. h 1 ? — ^ A 1 k.%*v h 1 ? — A 2 
li, fa— VO — O 5 0 OlC&|S£*i£ c 
[O 0 1 1 ] */U)\s<gm-y— /<MDBS A 1 14. 
(DiBT^ '<RS A 1 -RS A 2. SSf&gife 

n . »n«m«M looi, s*sk<dhi»i^ so 



(ID), I P7 Kl/XOeiSff5o ^/^ou^js-* 
-AMDBSA3lt a^<0«ET<h££*fcfg*tJ-— /*RS 
A 4. |«1t-/^SA1 1. Sfli63t*feJi* BUMS 

[0012] RSAU RSA2, RSA4, RSA1 

i ii. -t*i-ettic^« <^ti ^co^tiSife^*<«a* 

£ 0 /<rs a i^asig-tf— ARS A 

2 i^/NViUf Ii^-/^MO B S A 1 ©glTt'fe 
y. ISt-ARSAA^HSif-ARSAI 1 <t*<^ 
/W^§It-/^M D B S A 3 IT^fe^o hV*< 
A-*— /<1 1 AI4. hV^>«t!P7KL/X0) 

[0 0 13] f£Kj*Mg&M L O O 1 14. 
PDA (Personal Digital Assi 
slant) $KD«*H o s t X£&t£**U &l£&tfe 
J*£ttLT*ftfg-*-ARS A 1 (rffigt*tl*o Z 

0$iii$iMLo o i \zit. ^thmm* ( i d) 
a 1 -efeata^-r-So 

[O O 1 4] WffigSif— /<AMA 1 I*. ^E/WJU^il 
■9— /<MDBS A 1 iiSt-A'RSA 1 fc^tfSfUT* 
-/<RSA2t0)fyilCSa*4x^ o /<AM 
A3(*. ^/nV / <M D B S A 3 / ^ 

RSA4fc«i:i;i8t-/N*RSA1 1 i: <D fU] I Z 

[O O 1 5] h^7— ^BlCli. *y K9-^A1 % 

A2P^^»J-r^^lfi^«MLO0 1<D»»*a)ttS 

0MvXf A§Ii^-/\2 oolt 

a / ;ues-9— / fc & ^ nit-/ ^ t \t m& 

/W^FQDN (Fully Qualified D 
omain Name) t$&Xf I P7Kl/XSBttt 

[O O 1 6] SfelC. g| 1 OMm-V— /<RS A 1 0>«j£l:- 

T. -fe^a'Jf-rHaiattffll 314. *^ K9-^A1 
*fcl*yp— h^7— ^ 5 o Olz^gJ^n^iili 

&<Dmm&mk&m<D<§mT\z&>z>m&mm&Wi («x 
(4. ^tb^^«M l o o i ) ^oa«*itPi-r«A^5^ 

[0 0 1 7].c©-b*j.y-r<««Ett»i 3lzE1fi* 



(5) 
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-?±5\z. **3.ux-<«*8i*. &W}mm&zm%\-fz> 
*>afr*-tf*. a««»* 

[0 O 1 8] wC-C. T^-bxaSiJI*. — Wit LT, h 

t t ptrnm-tzmmzmtt* rn t t P j . t e i 
net &mm-r zmmzntt* r t e I n e t J % F 
Tpzmm'fz&mzm&'fh n t P j % t^tor 

{7-b^a»J*»2-r-« r A L LJ . PUSHlZj:^f- 
rpusHj t££tfWC&-£)xZ>o 7<? 

i^Br-r^ roKj . »im»&£a«SS£aflMK£lf 

pTLfcl* TNGJ tfSSStli. ttJ5. B3IZjSl/*T 

I*. t^h« TMLOOU ■Cfc^i)i8«0-b^a 20 

[ooi9] mmmm^i 2 i±. ^nMfea^assfi 

ttlBttffil 3lzBttSftTl*44z*j.y^*1fMRlU^5 

^af-^sstt^o &fispi 41*. jmvosbi::*. 

2. RSA4. RSA1 IIZOI^T*. (W»-/^RS 30 

[0020] ;*ic % eii iz fcit / *m 
DBS A 1 l::-3l*-CBffiSIHL*TlftW*-5. 0 4 1*. 
/ W JUSSIf — ' <M D B S A 1 ©flUaElCOHTBMH-*" £ 

U-r-r flHR&««l«)fli 221*. ^Sb^tgaM L O O 1 *< 
l(h^/<lc»«* 2h.*»«i::. »U«I|R«|M L O O 1 0) 

^MISiM L O O 1 O-b^r^. 'J -r 

-f«ffi2im©JmiaJ2 2l*. flJLtf. */WiUWB*— /< 

mdbsai^ aa-Tiaw^x-rAwai-y— /^2o 

0**&»M*MJ«M L O O 1 (7)1211^* tSflLfcig 
»Ki«tlK«M L O O 1 te#3&<BlLtL^8B* 

■r-&»B^««-efc-5iI^. gSlI^aM LOO 1 CO F 
Q D N iSl LfettSHftHiM L O O 1 A^fiBri L 50 



ti>§i8t-/^f qdn^, s-sfrr^z^ic^ 
y. s^co^fMs^-r^^-f^FQDN^^fitL. 
(Dy^ywiciattfSo tit, mtiiMLooi 

<t. WSiMLOO 1 CD^E/<-OUFQD N £ I D t 
Jlli/XfAfl^- /^OOl:f]S«o fit 

SBEWffit . »K^IS«M LOOKDIDt GBtt 
Z> 0 C(D^E/W;UFQDNlZj: y\ HMUl^-A 
^ / W ;ug3Hr- / SKiStt * *ifc < ia*<0 fttfll 

[0 0 2 1] -fe^riU J r-<W*SE«gP2 3[*. =E/U)i^ 
§I1f-/<MDBSA 1 AflD^/WiUffSU— /< 

±-r*»B«M*coi*T. aitftaaitm^viit 
«r«« £ <oati fcaws* ***-fe* a. y * -r « 

[0022] C©-fe*a.»j7T-<ttNWe«»2 3lCfBffi£ 
D B S A 1 ft^-AOD^/^-f >U»«*— /«4r-r«»«|« 

-f>K9*^ K-Cli* *tt^»3EJSU^-CI*»JBB*Slt 

■r«c^3&<-c*4. cm*. liimaUf^ma 
tettai i ■ 3 1 ^a-r 'Jf-r ««sEffi§p 3 3 icse 

[00 2 3] tats. lil5lcfcL^Tl*. ^/<-r;ug^ir— 
amdbsa 1 ^3^— Jxo^/^^i ju^mv— /*t-?z>& 

WlMt&mM L001-ML004 (COl^TCD-tr^zL »J x 
-f!WtfS**iTU4. fW2 II*. *»OW*6 
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[0 0 2 4] 2fc|Z. Si lCftlf*tiMI»MU— /UMA 

«$-g«-r^o **j.yx*iiMBM»3 2i** ss^cd 

&<I2;h£**ag^«S^g<ia5 3 1 ichors*! 10 
gji 3 3 icfBtg L . ttl*A<»«i jfeO)*H»-th— / <fr £ * £ 

/«^&0)K*lCi£CT. 4z^r3.UT--r»«fiaiSffl3 3IZ 
»3 4fZ.J:oTa«-r*. 3l«»3 4tt. «a'Jf-f 

[002 5] ■fe*a'Jf-f««IBttS33li, t*aU 
■T-fflMSMfflS 2^t><0fi^l^S^l^T. "tr+a'Jf 
Wffi^fiBtfi^^o C©**aUf-f ««!B»aP3 3IC 

laissaia-fe^a. u -x-r w^^-^^m 7 i3^-r 0 zo) 

-tr^zL ijf-f lEffi^P 3 3 icffilg^^^-tz^i U t- -f 

O—OZx. T*-fe*aSL T^^MIMB^tfMJC^ 30 

[0 0 2 6] fcfc. HI 1 tfelt /<AMA 
1<&«j£l*. 1*«M1*— /UMA3i(^»Tfe^T? 

[0 0 2 7] Bl(D«tmi=fclt*W«ffS-9— 
AMA3(D|)^l:oL>t, Hffi£ffll*TBtBTr«o 
tf li. ?£K)*&*g&M LOO 1 * h 1-0 A 1 ttftft 
it — AR S A 1 <DETlCfc^Tffl«*t7oTL^fc«lC. 

^7h^A2 comm-v— * < r s a a <dwt\^w\ 

L. £ blC* ftft-*— ARSA1 1©ETt8llltfe* 40 

■r*o cz-ci*. i P7Kwtfyp-/^n p 

[0 0 2 8] B8I±« w<DHJfi»fflfCj3lt4*l«a«i/ 

*• a»**«M L O O 1 I*. attftftttM L O 

0 1 ffi^v \-r?—<?A 1 C0*ltt-9— /<RS A 1 0)IETf3 

it- /<rs A4<oETic»«iLfc«. mmtttto&m* 
to<Dmm-y—'<Rs a 4 ic» lt&immiim looi so 



SI). R S A 4 |* % aniRlMtM LOOI 

*&aMB*fcMMBBMLoo 1 0> i D«t£g<I 

is^tg*iM l o o i <o i o t mum* t shmhm-9— 

AAMA3lC&frr& ttfV?S2) o ftati^- 
/UMA3I1 afiLfc7>yA«t»Hj*8iM L O 
O 1 (D I D£ttH«#i:£a«S'*T-A«3I-y-— ><2 O 
O Sft Lt^/ WJUf I*-/<M D B S A 1 
(Xft/?S3) o 

[0 0 2 9] t/WJUflit-^MDBSAHi, Sit 

Lfean*MttM lookdi d $Hii*TBBM*fT 

IV BSE*«jE*i::*7-r*fc. «iLfc9>yA*lz* 

aUMHtttML O O 1 CD I D irBSEtfJcT L?= - <t 
-TBIEflWBfctaa^^ fAWf-/<2 oo^Lt 

flMBM*— /*AMA3lC3l«-r4 (Xf'^S4) . 
[0 0 3O] fl|««3EU— /<AMA3li. t/W^gl 
AM DBSAl^6St4W=5 >yAfc3tJMS* 

<b^ii»iM loo i Digsnfist m&v— 

/<RS A4lc£fl-f & «f*;?S5) o 

[003 1] mtSL-V— ^RS A4ii. X^^^S2C0«f 
IBM*- /<AMA3lcBBE««*ta«Lfc«klc. A 

f'^s2(t ntta)7>^i«nMiM looi 
(xf'^se) ; MMmlo o i fcfc 

at jt iziot*** tifcest ft « 5 > y Affi3S*te* 

Uf*;7s7) o -fur. jfiffiglit- 

AMA3fr6a«s*ifc7> * Aaat jwb » t ^kj^is 
8mlooi 3^&a«**Lfc^>yAajnjw»»i:*it 

«L. -SftLTL>^i§^lC^Kj^^ML O O 1 (DeS 
SHtftffL^, Lfc I ^SliSiM L O O 

8ML001 /*R S A 4<7>a{lX ij Tl^lcfc 

l>t. ffifi^PTfifeit^^o zomummiz&^T. mm 

ST-e&ac^tfSatS^tu ^e/nVjuM*- ^mdb 
s a i \at. &w>m&mM looi^ mmv—^ns 

A40)fiTt*fe^-i:A<!2ti*^o 
[0 0 3 2] *blC. BB»— ARS A4li. 
T Lfc^K)^«l«M L 0 O 1 (D I D SMt^i £ * 
IC. ^^iU^-<W«[a)2im^*^ffi«[M J 9--/<AM 
A3|r2Hl-r-i) (Xf'^S9) o ffiffiM*— /<AM 

ML 0 0 1 0) I D^-fe+a-'J-T-f 1t*a«***a«S/ 
^fASIlt- /<2 OO^ltt/WJl/fl^A'M 
DBSAHlMt^) Uf'^SIO) o 
[0 0 3 3] ^W^fl^-^MDBSAIIi, fiSffl 
/<AMA 3fr&&SMtRttML O O 1(7) I 



(7) 
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ML O O 1 0) I Dlcftj£^£-t?^zLy -<1fiffi£-tz^ 
■J^f -f«$aSEi66fl2 3^btt<3W£U W«iMLO 

0 1(0 I D^^tlC. IfvXfAtIit-/<200? 
ttLTflMSWI*— y^AMA3lr2im*r^ (X^^S 

1 1 ) o 

[0034] ffi«§It-^AMA3lt t^ra'Jf-f 
«$&gSSP3 2lC«J:oT. ^A-<JU§31*— AMDBS 
A 1^b£^£;h£^K)ftfttgMLOO 1 CD I D^-tr^ 
i U t- -< Wf8 <h £-tr y -f 3 3 icSSffi L 

(^ir^^s 1 2) . mmv-/<Rs A4ics«-r^> (x 10 

1 3) o 

[0035] *»*— m*rs A4ii. 

M A 3 ^ b M $ *lfc8Bi«SM LOO 1<B I D^-fe 
ta'Jf-flWtmaUT-ftlliEIflJI 3lCgEti 
•T£o -®ct5lcir, JSft* — ARS A 4 14. IET£ 
££*£®)ftft«M L O O 1 <&\s— AO^/W JU&ft*— 
/<i:&S : EAVjUtI^-/^MDB S A 1 y 
T"-rflMB«6*U Eft-Tic Jrlc-fcoT. f£»ftft« 
MLOO 1 (D^^y ^-<ft#8<&l&££fr5o fit, 
||»-/<RS A 4 (4. *£K*m&M LOO 1 20 

*u Tngj <Dig^l4. a«3b<«A**tai^. 

[003 6] 3fcU: % f£Kjftft«M L O O 1 A<ft«*— /< 
R S A 4 Oat! I'JTWA^b ftft* — / ^ R S A 1 1 0>a 
«x'jrwic»«rr*£. »»ft««M L O O 1 14. » 
iMiMLO o i o I D£S&S#££ftft*--/<R 
s a 1 i ica«T« v?s 1 4) o ±&<d 

fI1t-/<MDBSA 1 £ft«*— A*RS A 1 1 <t<OfH] 
fcj:tfft«*— S A 1 1 £&H)ftftttM LOO 1 i 
0)|ll||Zj3l^TBIjEft3l3^fT*3*L* Uf^S15, S 
16. S17, S 1 8. S 1 9. S 2 O. S21) 0 
[0 0 3 7] BH«M«*SE7-r«£. Mlt-^RSA 
1 1 14, ftlllftftftM L O O 1 (D I Dtt^i y^f-rft 

*»««#£.*««««*— /<am a 3 ica«t-* <* 

f'^S22) 0 ««SI^AMA3fl)-i!4ayf 
-rWSieSfiUS 214. «W-^RSA1 1^&«Klft 
«1M L O O 1 (0 I D t t*a 'J f -f ««a«S** S 40 

m-TZt* ««Lfc»ttft««ML 00101 dic&-3 
i^t. f^B&ft&MLOO i<&^*j.y^-r1**fi£-t:*- 

3) . R^tb Lfc-b + a U f -f *«***1f-/<R S A 
1 Uf^S2 4) o 

[0 0 3 8] ZCD^5I^LT. 1SSfI^-/UMA3 

lc-b*i y-r-r Wlfi£fB<6LT;fc< cilery, *£U]8t 
MttM L o o i aWMM-«»=-te*i U t-t flHB**/^ 

-rjHIt-/<MDBSA 1 frJb£fiLT4i fed # 



*tl h?— * A2rtT5E7T£-£#T#&0>T-. 
— /<JU*? hr?—<? 5 OOt**; h *7 — A 1 C:frfr« 
aftttftftSftft*-**-******. «fn-/< 
;u*-? K^— V 5 o o±ic-b^rrLy T-ftiMB*<ttdi**i 

[0039] -fe*AiJ?<r1MU=ft-5e. atitf 

fflxtf. j£tl5fe<t LT Th o s t Aj . i£ffi7C<h LT 
TMLOO 1 J iMHSStu 7^-bXasy Th t t pj 

tmmttis giiSttMLoo i*>bM*iHo s 
t a seicamT- * *<aft * w-/^rs 
a 1 1 ommtimm 214. asm^-^^amRHifi-e* 

«j&*5*t«ttJ-T*. -rtt*>** 2 14. -tr 

*i y T--T ftftEttft 1 3 izEft S*iTl**-fe*a. U -x 

Sftjc TMLOOIJ TH 
o s t A J lC7^-bX«»J rht't pj ICcfc^ififltfpJ 
ftT?fc**5**«tt-T*. d<D«*. 7**XM« 

« roKj Tfcy. a«*«i*Ri**iTi**©^ ans-x 

— *I4. »llti8MLOO 1»»MlHo s t A 

icas«s*i* (»# (i) ) o 

[OO 4 0] ft** a**i:Lt THo s t Aj . Sfl 
7E <h LT tmloo 1 J *)<f£££;»X. 70**ftM r t 
e I n e t J aWWEStU 8Bi«*ML O O 1 4>b» 

ft*— ars a i i (Dmmmw&i 214. Ha'jf^ 

ISffllseSPi 3lcge16^tLr^^*-t^^iy ^-rflf«(^^ 

TML O O 1 J 36>b>3l(i5fe TH o s t AJ 
|C7^-tr^a»i rtelnetj |C J: £iS{i#Rlf£T*fc 

GJ Tf*y. iS^i*<I ^ FP^^HTL^/c^:l^a)r. Sft-r— * 
(4. ^ISftftSM L O O 1 ^blfiStH o s t AIZjSI 

ffi*n-ric«*^ti* (»* (2) ) . ftia*- 

/N'RSA3^b^lDi^ML0 0 1 (caffi3&<»nJ**L 

T TH o s t AJ . 3k97tt LT TM L O O 1 J A^SS 
£*U 7^tx8»J rf tpj 2&«»***l. ^S&^ft« 
MLOOI & a{B&HH o s t A^l^^mT-^ tfisk 

fi$*ifca^. afliMftfti 214. t*a«jf-f««E 

TMLO 0 1 J 3f)>t>j£^lffe TH o s t AJ |C7^7 

•fexftjsil rf tpj ic**a«iOTff«^**a^5**ft 
Hi-T^o 7^-tr^§SW« roKj Tfey. 

an^pi^tLTLN^o-e. am^r— ^14. ^K^ft^ 

MLOOI 3^&a«3SitH o s t AfZ3lft*^4 

(3) ) . 

(0 04 1] IfglHos t Y3^&ftft*-/< 

RSA1 1 CDETI-ft^SBiMtM L OO 1 iCf-* 
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£3am-f &*§^-^tih 1 o&m^xmx-fz>o si 
oii. MiiSMH o s t Yfrt>mmv— y<RS A 1 1 <& 
ETi::fc*»«i*lt«M l o o i ic^— $ £2Hf-r 4« 

-eii. ^Wj^««m l o o i y * R s a i i co 

a«xU7rti^»«i»"e*y. ii»-/<rsai uz 

[0 0 4 2] *"*\ ifi^lSSH ostYlt *&5fc£*8* 
-ra«gt£fc*»»»tt«MLOO 10FQDN («*. 
If, rm 10 0 1. mdbsal. providers 10 
1 j ) £*a5fc#ft«#i:afi8«H os t Y(DI P7K 

u^t*K>^>*— A-y— y<i lAic&fi-r* Uf 

7?S31) . 

[0 0 4 3] K> Alt— /N 1 1 Ali. ffiffgg 
Host Y^lliSiMLO 0 1 0FQDN^^iS 
S#«hiI<I3£®H os t YO I P7 KU7<l:^Sitl) 
g^L/r*£»]*M8«ML0 0 1 (DFQDNtftftM 
S^SfcitiUlSfiH o s t Y<D I P7 Kl/^^-ftS^ 

l. ftm Ltz&mmm&M lookdfqdn 
©SL-ci^&i^-e. K>>r >*— /<i 1 a 1 1 

Al*. -^«^Lyr^l!)^ti«MLOO lOFQDNi 
^*8?ife^*£il<I£fiH ostYfl)IP7 KUX^E 
/W;U§S-tr— AMDBS A 1 izaiff-r* (X^r^^S 
3 2) . 

[0 0 4 4] t/W^l^-/<MDBSA1ll hV 
-f>^— /<1 1A^bgl!li8iML00 1(DF 
QDN<t%5t#£fc^#£iI<l«®Ho s t Y<D I P7 K 
UXir^Sii-r^^. SmLtc^S)^|g«ML O O 1 (D 30 
F Q D N ^^SaiS^IISI H o s t YCO I P7 
KUX£-B#«i#L. SflLfc»IM*8«MLOO 1 O) 
FQDNClg^T. ^IMiMLOO 1 &£Mrtf<g 

mi,xi*z>fr : gfr£&&-?Zo z&m-s. nwimmmw 

LOO 1 £&Mttf 4 §mLXl^l^<DX. ^\VJUfl^ 
-y*M DBSAIIi, -B#ffi& Lfc^®b^H«M LOO 
1 (D F Q D N £5a*«*K#£»»fctt«M LOO 1(D 

I P7 Kl/XtMvXfAtl*- A 2 O OlraUlf 
£ (X^fy^S 3 3) o 

[0 0 4 5] JlflvX'rAgail*— /<2 O Of*. ^E/W 40 
j|,gIt-/<MDBSA 1 a^g{ILtrf£i&&*§tf£ML 
O O 1 <7>FQDN£^5fcS&^#£®tI3£eH o s t Y 
0)1 PTKU*<t£-B#S#Lf::!fe. mtftltVIM L O 
O KDFQDN infi^lVC. f£l)&<D*£ia*8*£«M L O 
O 1 S A 1 1 T'fc 

£Z<t£*££ii L. Zfl)i8^RSA1 1lcfgf££;H 

^Iftffi^Sit— / /Um a 3 t$>£ c <t 

»1M|ML O 0 1 0>g!£(&flJrM£;f>-f ^/W 
F Q D N r m I O 0 1 . mdbsal. pr 



2j ) ^«tti*r^o 

[0 0 4 6] *LT. Ifv^fAgIit-/N*2 0 0 
AMA3IC, &&£*ltz&mm&mMLO O 1 <D*:/U 
4) . 

[0047] /<AMA3li. M^fA 

gSth— A 2 O 0^<b^Kl^««M LOOKD^/^JI/ 
FQDN£&ft#*^#££g^r*<h. *£IMit8«SM 

looi^8^rsai 1 (DesT^efe^cD-e. 

LOOKDt/NV^FQDN^it IC&tg+T-y < R S A 
1 1 lCi£{rf£ Uf7^S3 5) o 
[0 0 4 8] t^-/N*RSA1 II*. ««S3S-9— /< 
AMA3^bgl)i£iML0 O 1 Ot/W^FQDN 
Ktt*K3ft£Sfrr*^ *£t»&«MLO 
O 1 tf&$KD<§mT\z3bZ><DX. T KUXSgg*<t8 
iifiiMLOOI^/WJl/FQDN, IP7KUX 

<t£. aimvXT-Ags-ti— /\*2ooicMt5 0 mm 

vXfA^-/^2 O O li. *£»*&ig&M LOO 1(D 
i/WJIFQDNi: I P7 KU^t^^JS^Itrffilt-r 
-5 (Xiry^S 3 6) o 
[0 0 4 9] — * % mm**— /<RS A 1 1 li. £t>IC. 

KsR^jMvXt^M"*— y<2 O Olc^fiLfcZit^ 

*t»i-/ - k««j£^ ±&w>m&i&M l o o i o>^y* 

-OU F Q D N £ /< A M A 3 ICSI*^* 

Uf'^S3 7) 0 1ft#&g3g+J— AAMA3lt JRtft 

»-/<rsai i3b>t>»iS-/-K««J6*^»»^8« 

MLOOiaJ^W^FQDNirSSfit^t, iI{f-> 
XfAfI1t-/\ # 2 0 OlzJSft«*j£«i»Bl«l««M 
LOOKDt/U^FQDNflWS Uf 'V?S3 
8) . 

[0050] M*>*-xAM*- /\'2 0 0it flttt* 
SU— /UMA 3^£«3fc#*J6§£»»)fclS«M L o 

OI^/^Jl/FQDNtJglt^t, Z0>i£R)Jlfg 
iMLO 0 1 <D^/WjUFQDNU:ttLT§^£*lTl^ 
£1 P7 KUXrt<fc£fr5^£&iii'r£o 
RlSMS&ML 0 0 1 <D I P7 KUX#«*da£*l£o L 
T\ iSftvX^A^S-y— /<2 O 01*. &lMR|ftttML 

O 0 1 CD I P7 KUX£^5fc#*JES£LT^/W;i^ 
I-9-/N*MDBSA1lzMt* (Xf^S3 9) 0 

[0051] ^y W ;u®s-9— /<MO B S A 1 I*. Jgfi 

V^fAei1f-A2 0 Ofr*gmL/r^l»*l«£ML 
OO 10) I P7 KUX£$S5fcS*l£g«t LT KV-f>* 
— A+>— A 1 1 Alz&fl-f £ Uf7^S4 0) o 

[0052] K> -f >*— A*— /<1 1 Ali. 
SIt-/<M D B S A 1 **£K)*M&«M LOO 1© I 
P7 KUX*jaft«StJ6»i: lt»«t4i. gflLfc 
»K^««M L 0 O 1 <D I P7 KUX S*a5fe«»J£* t 
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Do 

[0 0 5 3] HL±0) J: ^\ZLX. iHf&BH ostYl: 
fctLT. »K)^S«M L 0 0 1<D&W>4l<D I PTKUX 

m*tZ>Zktf*H£T*ibZ> (Xf'^S42, 43) o 

[0054] VL±tstWLtzmmmn<»fe<»&tef&&t l 
t. m^iz. hi i^fciti)^^ h9—i7 a 1 hi 

|C. f£ffijJSUS«M L 0 0 1 h^— 2 A2fclZ*£»J 

-f&i§^ h 1 ?— £ 7 o oca±S!<tte<DifcS&-efe& 

f£IMI§«M L O 0 1 tCOmtZiSl^X^Z^a. 'J x-f 0)fo1 

f^^Cck^t, ^^±1810)^^ K9-^ra^fcL^ 

fc*o C<0i§^ ^aLT^ii«iMLOOH: 
*t LtW^ -trX£«Brr£ J: 5 fc-tr*i Uf-fflfffi 

[0055] m±SftB^LfeHJi^S^fct^-cii. 

I P7 KL/XA^P-/^ I P7 KU^-efc^ii^lCO 
P7 KU^^*tJ^-r^«fc5lcLT^J:l^ -<7?a^. ^ 

T-fT^^—J^tzltM^iV— /<I^N AT (Netwo 
rk Address Translation) 

[0056] &±mwLtz&mtemi~t$^T. w 

/ < A m A 3 t * / U jis'Smv-' * t 
[0 0 5 7] jsi±KMLfc*lt»m=fe^rii. 

^Jt^pIffi^^ia^/^-O^— * 5 a (Clft^T. «»<7) 
SS5fc5 1 -S*5n?^P-/W^ h 1 ?— £«<D»* 

5 aid*. e#©RTfcft4«B*5 i 

5n0IP7Kl/^ FQDN. ^S"]^ 

3R£JMt : E/<-<;WI'— 2 5 a £tf>Pe1frfclNTi2IiE£fT . 
5 o 



[0 0 5 8] S^lc. 13 1 OCfclNT. *«^/WJU^ 
— $ 5 a £4S5fc5 1 3b>t>Sg*5 n(D5*>l^-f*X^ 1 ^£ 

mm^'U)^-* 5 a^^cDHicfci^-c. & 

att £ ft 5 cfc 5 1 w l r t, t> o 
[0059] ■ 6icfci****a.g^-rflMaM 

&3 2mm. H2icj3itswt»HMiM 2(d«86. hu 
io ^-r4fctoa)^a^^A^=j>tfa.-^a^isy prefer 

^vXfAj tit. OS^jg>fl««3?<&/\-K0xT£ 
[0 0 6 0] rziVtfzL-* vXfAj I*. NAAA/ 

^y^f^^^, ^ftir-rX^. ROM. CO- 

ROM§a)piasi«<*. 3>e^-^ vx^AicpqjS£*i 
rz3>erL-^K^yprffi^tB^«n*j tit. 

izfBft ^ tlT ^ -5 ^ P ^ v A i: <7)ffl^t5l± ^H^T* ^ 

[00 6 1] Ja±. c(D«l«a)3lt£^S^IiI®^#^L 

[O 0 6 2] 

eit l . mtumaaramft^m-ti— ^ ^> * t> « 
^KiLfc^^iz. ^ t> iz&wil tzftomm-y— /<fr*<D 

^ICJSCT. Elt*SlcEll**ifc-fe*a.'J-r-<««i 
7tx— A^^> h r 7—<7^l^fcl>T. /^IST 

50 ©*«*-/^&«««a*-/<«itTfl)«a)*i«-y-- 
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0-cfe£ o 

[12 2] *|([»-/WijElco^TlBBt4fcAOi 10 

[03] **iUT--rflMBEtMM 3fcE*S*i*-fe 
'J 1fMB0> — - 0Q£^-f @®-efc&o 

[04] t/W^fl^MDBSA 1 ©HllfclCO 
I* T St^-T £ fc to 0>SB& ^ o * * H "C fe * o 
[0 5] -t?^raL'J-x-rW«SB1SfflJ2 3lz|Bti*^^-lr 

[0 6 ] * A M A 3 <B«j£lCO l^Tg&BJ 

[12 7] -b*3.UT--f««IE«»3 3lZjBtt**l4-fe 20 



f^lzo^TtftBJ-rSfctoO)i>— ^>X0-Cfc£ o 

[09] t+i'jf-fiiMii^*, ism*<«t3t-r^ 
3b>5)&^a)fllSlcot^TKlB■r*fctoa)^affi•Tf&*o 

[HI O] ffl«£H*r>«=> /<a>BTU:fc«Mt 

mmm\z?-$ **«-r«»*ico^rKwr*fctoa) 

[0 1 i] <fe(D||J6^lcfcit^M|S^y<^;u;u-^ 

11. 2 1. 3 1 -g«8B 
1 2-MtMHP- 

1 3. 2 3. 3 

1 4. 2 4. 3 4-»«» 

2 2-t*a«Jf-riWSi«M 

3 2-Wa»Jf-fllHin» 

A M A 1 . -AM-A3— flHMra-0— /* 

MLOOI — ftttfltiMk 

RSA1. RSA2. RS A4— fttt-?— /< 
MDBS A 1* MDBSAS-t/Wjl/flif-/^ 



1] 



B;*vhO—S 




11* 



12' 



m 


2] 




















fl5$8£«6B 






i 

13 







A2:*v h*?— 



11 1] 



-5a 














5R 




5* 




5* 



[04] 



[06] 



51 



52 



5n 



21 — [ 

22- 



24 



Sfitt 



31 





32- — r 








ti5*8£1868 








i 




, 1 , 


1 


23 


34 




33 
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[H3] 





ma 


nm 








MLOOHD 


ML001 


HOStA 




http 


OK 


MLOOI -ID 


MLO01 


HostA 




telnet 


NG 


MLOOHD 


MUX)1 


HOStA 


*v hO— «£?A1 


ftp 


OK 


MLOOHD 


ML0Q1 


HoslB 


^vhO-^AI 


http 


NG 


MLOOHD 


MLOOI 


AreaX 


*v h^-^Ai 


http 


OK 


ML001-ID 


ML001 


HoslP 


^Vh'P-^Al 


PUSH 


OK 



[07] 



[15] 











W3I 




MLOOHD 


ML001 


HostA 


-r- V n — vAl 


http 


OK 


MLOOHD 


MLO01 


HostA 


*V h«>- <?A1 


telnet 


NG 


MUX) 1 -CD 


ML001 


HOStA 


*V h^— <>A1 


ftp 


OK , 


MLOOHD 


MLOOI 


HostB . 


*V h^— ^A1 


http 


NG , 


ML001-ID 


MLOOI 


AreaX 




http 


OK 


MLOOHD 


MLOOI 


HOSIP 


*V 2?A1 


PUSH 


OK - 


ML0O2-K) 


ML002 


HostA . 


*V h^—^AI 


telnet 


NG 


ML0O3-X) 


ML003 


HostB 


*v h^— <?A1 


hop 


NG 


ML003-CD 


ML003 


HostB 


*v hr?— 2>A1 


ftp 


OK 


ML0O44D 


ML004 


HostA 


*V hr?-^>A1 


ALL 


OK 


t 

MLOOHD 


MLO01 


HostA 


£>A2 


http 


OK 


MLOOHD 


MLO01 


HostA 


*vh*?-«S>A2 


telnet 


NG 


MLOOHD 


ML001 


HostA 




ftp 


OK 


MLOOHD 


ML001 


HostB 


2?A2 


http 


NG 











asg 




















MLOOHD 


ML001 


HostA 




http 


OK 


MLOOHD 


ML001 


HostA 




tekiet 


NG 


MLOOI -ID 


MLOOI 


HostA 




ftp 


OK 


MLOOHD 


MLOOI 


HostB 


*V ^A1 


http 


NG 


MLOOI -ID 


ML0O1 


AreaX 


*V h'P—^AI 


http 


OK 


MLOOHD 


ML001 


HostP 


*v hO-^Ai 


PUSH 


OK 


ML002-ID 


ML002 


HostA 


*V hO—^AI 


telnet 


NG 


ML003-ID 


ML003 


HostB 


*v h*?— -^Ai 


http 


NG 


ML003-ID 


ML003 


HostB 


*v hr?-$>A1 


ftp 


OK 


MLO04-ID 


ML004 


HostA 


*v £>A1 


ALL 


OK 



[88] 



MLOOI 



RSA4 



RSA11 



| RSA1—RSA4 | 



/S1 

ML001-ID. g«?% 



S8v 



'MM 



RSA4— RSA11 



ML001-ID 



rv --.ir, Ma^^LraEr* ! MLOOHD. 5 Kfi*£ 
MLOOHD. [ a . 



AMA3 Mfax^es*- rteoo mdbsai 



/S3 



MLOOHD. 



/S5 



. 7>Va£ ; MLD01 -ID, ggflNB. 7>ffABggg* 



-b*q , .J5=*1Sjgg#. MLOOI 



^S13 j MLOOHD. il^zi V T<< 
MLOOHD. ±*D. l Jr-<im 1 



/S14 



^S19 



/S21 



S11 



: X S12 



^S16 



ML001-ID, 



r S18L 



MLOOHD. K5HB«-^S17 



-S22 



^S23l 



-S4 
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[B9] 




imi o] 



UL001 



RSA11 



AUA3 



mm 



SA3 



UL001-IP7KW. 
HostY-IP7h'l/3 



7 

UlOOlftf <fW=00N k 



200 



MLOOItA" 



S34 



^S36 



UL001 -IP7K l/X ML001 AT <*FQDK 



MLCX}1t/r<(M=00N> 



S37 




ri 

ML001-IP7Kl^HostY-IP7K 



MD6SA1 

I 



T 

I 



HostY 



-S31 



S33 



S32 



I 



S39 



S40 



^1 



(72) $S* {Mr F$— 5K030 GA15 HB08 HC01 HC09 JT09 



